brute force – Page 16 – WindowsTechs.com

THC Hydra sends GET request without parameter before actual request with parameter which causes authentication problems

Posted on September 29, 2021 by sam

I am using THC Hydra (v9.0) on GNU/Linux to pentest my private API.
The GET route in question requires a key as GET parameter which returns an auth token if the correct key was submitted else "false".
If no key or a wrong key is … Continue reading THC Hydra sends GET request without parameter before actual request with parameter which causes authentication problems→

Are dictionary and rainbow table attacks a subset of brute force attacks or are they seperate?

Posted on September 27, 2021 by luek baja

This is more of a question on the actual use of the terms rather than the definitions, so my question is this:
Are dictionary and rainbow table attacks a type of brute force attack or are they different entirely? Would it be okay to call a… Continue reading Are dictionary and rainbow table attacks a subset of brute force attacks or are they seperate?→

How much time rockyou take to bruteforce [closed]

Posted on September 24, 2021 by Dany G Sam

How much time rockyou.txt wordlist take to bruteforce a md5 hash password using hashcat ?

Continue reading How much time rockyou take to bruteforce [closed]→

ncrack ssl option

Posted on September 15, 2021 by secf00tprint

There is the following option in ncrack (from the man page):

Misc options:
ssl: enable SSL over this service

ssl (Enable/Disable SSL over service)
By enabling SSL, Ncrack will try to open a TCP connection and then
negotiate a SSL sessio… Continue reading ncrack ssl option→

T-Mobile hacker used brute force attack to steal customers’ data

Posted on August 29, 2021 by Saad Rajpoot

By Saad Rajpoot
A 21-year-old US citizen named John Binns has claimed responsibility for the T-Mobile data breach and labeled the carrier’s “security is awful.”
This is a post from HackRead.com Read the original post: T-Mobile hacker used brute force a… Continue reading T-Mobile hacker used brute force attack to steal customers’ data→

Help with hydra https-post-form

Posted on August 15, 2021 by Zorot

I am doing portswigger labs with hydra https-post-form. I try to look for packets that don’t have status code 200 OK, because when checked in burp my failed login with bad password and good username had status code 200 OK.
└─$ hydra -l act… Continue reading Help with hydra https-post-form→

Virtual keyboard: brute force string input?

Posted on August 12, 2021 by vicy spann

Is there any software that creates a virtual keyboard input on your OS and brute force input? I know that usually you’d have a way to feedback to know if you’re successful or not, but I’m actually trying to find cheat codes/bugs on this ra… Continue reading Virtual keyboard: brute force string input?→

John The Ripper numbers mask

Posted on August 1, 2021 by szkr

I’m using john on Windows and I use pdf2john.
What do I have to do to crack this password?
I saw previous passwords and they were 4 digits (1234), possibly there may be more now. currently trying to do something like this
john -mask=?d?d?d… Continue reading John The Ripper numbers mask→

If a platform/system has brute force protection should I care for a very strong password

Posted on July 31, 2021 by Xsmael

If a platform has brute force protection should I worry about creating a very strong password since any attacker would not get a chance to reach enough attempts to crack even the weakest password?
Not that I want to use a super weak passwo… Continue reading If a platform/system has brute force protection should I care for a very strong password→